#1036 - add support for Mobile-OTP (MOTP) tokens

X2Go Bug report logs - #1036
add support for Mobile-OTP (MOTP) tokens

Reported by: Tor Perkins <x2go23@noid.net>

Date: Mon, 16 May 2016 16:10:02 UTC

Severity: normal

Tags: patch, pending

Found in version 4.0.5.2

Fixed in version 4.0.5.2

Done: X2Go Release Manager <git-admin@x2go.org>

Bug is archived. No further changes may be made.

Received: (at submit) by bugs.x2go.org; 16 May 2016 16:05:32 +0000
From x2go23@noid.net  Mon May 16 18:05:29 2016
X-Spam-Checker-Version: SpamAssassin 3.3.2 (2011-06-06) on
	ymir.das-netzwerkteam.de
X-Spam-Level: 
X-Spam-Status: No, score=0.8 required=3.0 tests=BAYES_50,URIBL_BLOCKED
	autolearn=ham version=3.3.2
Received: from localhost (localhost [127.0.0.1])
	by ymir.das-netzwerkteam.de (Postfix) with ESMTP id 389A95DACF
	for <submit@bugs.x2go.org>; Mon, 16 May 2016 18:05:29 +0200 (CEST)
X-Virus-Scanned: Debian amavisd-new at ymir.das-netzwerkteam.de
Received: from ymir.das-netzwerkteam.de ([127.0.0.1])
	by localhost (ymir.das-netzwerkteam.de [127.0.0.1]) (amavisd-new, port 10024)
	with ESMTP id yxbi8nNLAJ6q for <submit@bugs.x2go.org>;
	Mon, 16 May 2016 18:05:22 +0200 (CEST)
X-Greylist: delayed 400 seconds by postgrey-1.34 at ymir.das-netzwerkteam.de; Mon, 16 May 2016 18:05:21 CEST
Received: from anoid.noid.net (anoid.noid.net [74.95.194.161])
	by ymir.das-netzwerkteam.de (Postfix) with ESMTP id D0C8C5DA8E
	for <submit@bugs.x2go.org>; Mon, 16 May 2016 18:05:21 +0200 (CEST)
Received: from anoid.noid.net (localhost.noid.net [127.0.0.1])
	by anoid.noid.net (GNU) with ESMTP id e5435e03
	for <submit@bugs.x2go.org>;
	Mon, 16 May 2016 08:58:40 -0700 (PDT)
From: Tor Perkins <x2go23@noid.net>
Date: Mon, 16 May 2016 08:56:28 -0700
Subject: add support for Mobile-OTP (MOTP) tokens
To: submit@bugs.x2go.org
MIME-Version: 1.0
Content-Type: multipart/mixed; boundary="------------1.7.2.5"
Message-ID: <20160516155839.D738732B800B@noid.net>
X-Mini-Diatribe: To fix America:
	1. Cut government in half
	2. Wait thirty years
	3. Repeat as necessary

[Message part 1 (text/plain, inline)]

Package: x2goclient Version: 4.0.5.2 Tags: patch Hello, There is very nice OTP (One Time Password) algorithm called "Mobile-OTP" (MOTP). Here is a link for more information: http://motp.sourceforge.net/ This small patch extends x2goclient's OTP support to accommodate MOTP. The patch adds a new string ("passcode:") to challenge_auth_code_prompts_[]. It also adds some comments that indicates the source of the various prompt strings in that array. MOTP is a very nice algorithm that is worthy of support for several reasons. It is "free" and "open" and does not rely on a third party infrastructure to operate. It is a Time-based One Time Password (TOTP) algorithm (like OATH can be), with a distinguishing advantage; it does 2FA ("2 Factor Authentication") innately. That is because it requires a 4 digit PIN to be entered every time it is used. The PIN is not stored in the "token" (i.e. smartphone), so a stolen phone does an attacker no good... It is well established and popular. There are many versions of the "token" available (much more than just IOS and Android apps). It is supported by several "backend" systems (like LinOTP). Please refer to the "Links" section on the project page for many more examples... Thanks for your consideration! X2Go rocks! - Tor

X2Go Developers <owner@bugs.x2go.org>. Last modified: Thu Nov 21 18:46:27 2024; Machine Name: ymir.das-netzwerkteam.de

X2Go Bug tracking system

Debbugs is free software and licensed under the terms of the GNU Public License version 2. The current version can be obtained from https://bugs.debian.org/debbugs-source/.

X2Go Bug report logs - #1036 add support for Mobile-OTP (MOTP) tokens

X2Go Bug report logs - #1036
add support for Mobile-OTP (MOTP) tokens